The term “Internet of Things” (IoT) refers to a network of a wide variety of devices, such as computers, sensors, vehicles, home appliances, medical equipment, and/or surveillance equipment. Such devices may be referred to as “IoT devices.” Many IoT devices may connect to a network without explicit permission or acknowledgement from a network administrator. Many IoT devices may be easily relocated from one physical location to another physical location without explicit permission or acknowledgement from a network administrator. Many IoT devices may be easily relocated from one network location to another network location (for example, from one subnet to another subnet) without explicit permission or acknowledgement from a network administrator. Therefore, management of IoT devices (or any network with a large number devices) may be very difficult.
Moreover, an IoT device may be the subject of a network attack. As an example, a user may bring in a particular IoT device to a network. A network administrator might have no knowledge or control over the particular IoT device. The user does not perform regular software updates on the particular IoT device. Hence, the particular IoT device may have vulnerabilities to certain network attacks. The particular IoT device may become a weak entry point for an attacker. As another example, malicious software may be installed on a particular IoT device. Through a network connecting the particular IoT device with other devices, the particular IoT device may cause the malicious software to be installed on the other devices as well. Hence, a large number of devices in the network may become infected. Therefore, maintaining security in a network of IoT devices (or any network with a large number of devices) may be very difficult.
The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.